Is K8s Manifest Audit free?

Yes, K8s Manifest Audit is free to use.

How do I install K8s Manifest Audit?

K8s Manifest Audit supports both local and remote installation. For local use, install it via the provided package manager and add the configuration to your AI app. For remote access, add the server URL to your MCP configuration.

What AI apps work with K8s Manifest Audit?

K8s Manifest Audit uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

K8s Manifest Audit MCP Server

by UnbearableDev

Cloud & DevOpsModerate5.2MCP RegistryLocalRemote

Free

Server data from the Official MCP Registry

kube-linter audit for Kubernetes manifests — 63 checks: security, availability, RBAC, network.

About

kube-linter audit for Kubernetes manifests — 63 checks: security, availability, RBAC, network.

Remote endpoints: streamable-http: https://unbearable-dev--k8s-manifest-audit.apify.actor/mcp

Security Report

5.2

Moderate5.2Moderate Risk

Well-structured MCP server with appropriate authentication via Bearer token, proper input validation, and safe subprocess handling. The server delegates actual linting to kube-linter (external binary) via controlled subprocess calls with timeouts. Minor code quality observations (broad exception handling, logging of check names) do not raise security concerns. Permissions are appropriately scoped to the server's purpose of auditing Kubernetes manifests. Supply chain analysis found 3 known vulnerabilities in dependencies (1 critical, 1 high severity).

5 files analyzed · 6 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

File System Write

Writes or modifies files on your machine. Check that this is expected for the tool.

File System Read

Reads files on your machine. Normal for tools that analyze or process local data.

file_delete

Check that this permission is expected for this type of plugin.

process_spawn

Check that this permission is expected for this type of plugin.

env_vars

Check that this permission is expected for this type of plugin.

HTTP Network Access

Connects to external APIs or services over the internet.

How to Install & Connect

Available as Local & Remote

This plugin can run on your machine or connect to a hosted endpoint. during install.

Documentation

View on GitHub

From the project's GitHub README.

k8s-manifest-audit

k8s-manifest-audit — static audit of Kubernetes manifests via MCP. Powered by kube-linter. Part of the Unbearable Labs audit shop.

Built by Unbearable Labs. Pay-per-event pricing — only billed when a tool is actually called.

What it does

Point any MCP-capable client (Claude Desktop, Cursor, n8n, Make, Zapier, custom agents) at this server, hand it a Kubernetes manifest or directory of manifests, get back a structured report:

Severity — high / medium / low / info
Check ID — kube-linter check name (e.g. privileged-container, unset-cpu-requirements)
Category — security / resources / availability / network / rbac / images / config
Message — what kube-linter found and where
Remediation hint — what to do about it
Object location — kind, name, namespace of the offending resource

63 checks total (31 enabled by default). Covers Deployment, Service, Ingress, ConfigMap, Secret, StatefulSet, DaemonSet, Job, CronJob, NetworkPolicy, RBAC, HPA, PDB, and more.

Tools

Tool	Pricing	Purpose
`audit_manifest(yaml_content)`	$0.02	Audit a single YAML string (may contain multi-doc `---`)
`audit_directory(files)`	$0.02	Audit multiple files — cross-file checks work correctly
`list_checks(enabled_only=False)`	$0.005	Browse the full 63-check catalog with severity + category
`explain_check(check_id)`	$0.005	Get description + remediation for one specific check

Quick start

{
  "mcpServers": {
    "k8s-manifest-audit": {
      "url": "https://unbearable-dev--k8s-manifest-audit.apify.actor/mcp",
      "headers": { "Authorization": "Bearer <YOUR_APIFY_TOKEN>" }
    }
  }
}

Check catalog (sample — 63 checks total)

Check ID	Category	Severity (mapped)
`privileged-container`	security	high
`privilege-escalation-container`	security	high
`run-as-non-root`	security	high
`env-var-secret`	security	high
`host-pid` / `host-ipc` / `host-network`	security	high
`wildcard-in-rules`	rbac	high
`cluster-admin-role-binding`	rbac	high
`unset-cpu-requirements`	resources	medium
`unset-memory-requirements`	resources	medium
`no-liveness-probe` / `no-readiness-probe`	availability	medium
`latest-tag`	images	medium
`minimum-three-replicas`	availability	medium
`no-rolling-update-strategy`	availability	medium
`dangling-service` / `dangling-ingress`	config	low
`use-namespace`	config	low

Use list_checks to get the full, up-to-date catalog.

Pricing

Event	USD
`audit_manifest` or `audit_directory` call	$0.02
`list_checks` or `explain_check` call	$0.005

Built by Noel @ Unbearable Labs — more like this in the weekly newsletter.

Reviews

No reviews yet

Be the first to review this server!

More Cloud & DevOps MCP Servers

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

mcp-creator-python

Free

by mcp-marketplace · Developer Tools

Create, build, and publish Python MCP servers to PyPI — conversationally.

MarkItDown

Free

by Microsoft · Content & Media

Convert files (PDF, Word, Excel, images, audio) to Markdown for LLM consumption

K8s Manifest Audit MCP Server

About

Security Report

Findings (6)Action required

Permissions Required

How to Install & Connect

Documentation

k8s-manifest-audit

What it does

Tools

Quick start

Check catalog (sample — 63 checks total)

Pricing

Reviews

No reviews yet

More Cloud & DevOps MCP Servers

Toleno

mcp-creator-python

MarkItDown

mcp-creator-typescript

FinAgent

Google Workspace MCP